diff --git a/modules/openidProvider/templates/trust.tpl.php b/modules/openidProvider/templates/trust.tpl.php
index f9241719fb5fc9060b19b86557e1c87222fec622..5cbb595335424957910f2c7f54aeccef469e38ea 100644
--- a/modules/openidProvider/templates/trust.tpl.php
+++ b/modules/openidProvider/templates/trust.tpl.php
@@ -10,7 +10,7 @@ $params = array(
 echo('<p>' . $this->t('{openidProvider:openidProvider:confirm_question}', $params) . '</p>');
 ?>
 <form method="post" action="?">
-<input type="hidden" name="StateID" value="<?php echo $this->data['StateID']; ?>" />
+<input type="hidden" name="StateID" value="<?php echo htmlspecialchars($this->data['StateID']); ?>" />
 
 <input type="checkbox" name="TrustRemember" value="on" id="remember" />
 <label for="TrustRemember"><?php echo($this->t('{openidProvider:openidProvider:remember}')); ?></label>